Pinned
🚨 A new $150,000 Guardian Defender contest is coming soon.
Hunt for bugs in @limitbreak’s AMM — Critical, High, and Medium severities will all be eligible for payouts.
Full details and how to participate below 👇
Guardian
1,812 posts
Guardian
@GuardianAudits
Institutional Grade Onchain Security, for when it has to be right the first time. Guarded $45 Billion.
Book an audit → guardianaudits.com
- Guardian reposted
Weekly Digest (May 25 - 31) recap 👇 (1) New RFC went live to harden the architecture behind OHM bridging (every cross-chain message to be verified by four independent organizations; transfers capped per route; supply reconciled on Ethereum). Audited by @GuardianAudits, tested
- Guardian reposted
Good decision 🤝We have contracted @GuardianAudits as we begin the process of getting @papertrade_xyz ready for launch Summer 2026 - Guardian reposted
We have contracted @GuardianAudits as we begin the process of getting @papertrade_xyz ready for launch Summer 2026 - Guardian repostedAhead of their launch, @ManifestFinance engaged Guardian to review the security of their protocol. During our review, we identified a High severity issue in how authentication was enforced. Here’s a breakdown of the finding, and how we worked with the Manifest team to fix it 👇
- Guardian reposted
Thanks to @GuardianAudits for the deep review of Manifest's smart contracts. They identified and helped resolve a critical access control issue in our pre-launch review. This is exactly why rigorous, layered audits matter for RWA protocols.Ahead of their launch, @ManifestFinance engaged Guardian to review the security of their protocol. During our review, we identified a High severity issue in how authentication was enforced. Here’s a breakdown of the finding, and how we worked with the Manifest team to fix it 👇 - Replying to @GuardianAuditsInterested in securing your upcoming launch with Guardian? Reach out to us via: DM GuardianAudits.com Telegram @GuardianAudits
- Replying to @GuardianAuditsThe takeaway: When building with RWAs, access control isn’t optional -- it’s foundational. And in composable systems, that means securing not just users… but the entire call path.
- Replying to @GuardianAuditsThe fix? @ManifestFinance worked with Guardian to restrict access to a trusted set of periphery contracts. Only approved entrypoints can now call into the system.
- Replying to @GuardianAuditsThis breaks core access control assumptions. An attacker could: Impersonate approved users Bypass KYC restrictions Interact with permissioned pools All without proper authorization.
- Replying to @GuardianAuditsIf an untrusted contract can call into the system, it can manipulate how msgSender() resolves. It can appear as if a different, approved user initiated the action.
